Cyber wrap
Provocative quotes from the Emir of Qatar that recently appeared on a Qatar government website have been attributed to a Russian cyber attack. The comments, which expressed support for Iran, Hamas, Hezbollah and the Muslim Brotherhood have been removed but ended up being one of many reasons already for this week’s diplomatic fracas. Saudi Arabia, the United Arab Emirates, Egypt, Bahrain, Yemen and even Libya have suspended diplomatic relations with Qatar, cut sea, air and land connections, and expelled Qatari visitors and residents. The move isn’t a bolt-from-the-blue, coming as the latest and most extreme escalation in a string of disagreements—neighbouring countries have long rebuked Qatar for its support for Islamists and violent extremists in the region, including Islamic State, and previously had recalled diplomats over an eight month period in 2014.
Prime Minister Malcolm Turnbull and Minister Assisting the PM for Cyber Security Dan Tehan held a roundtable with major telco and internet companies last Wednesday to discuss strategies to protect Australians from cyber attacks. The roundtable echoed Tehan’s remarks at ASPI’s launch event for its review of the government’s Cyber Security Strategy, where he suggested that telcos could play an expanded gatekeeper role for Australia’s networks.
The Shadow Brokers—the group behind recent leaks of NSA hacking tools used in WannaCry—have announced they’re open for business, revealing details about their new monthly data dump service. For the bargain price of the cryptocurrency equivalent of USD$23,251, potential subscribers will receive a data dump, which will reportedly have something for everyone, from exploits and tools, banking data, and nuclear weapons and missile program data. Given the value subscribing could have in mitigating the next major cyber attack, companies and governments are facing ethical and legal dilemmas about whether to subscribe or not.
On the other hand, the question of money might prove to be irrelevant, as it’s been suggested by commentators, including Edward Snowden, that the group is a front for Russian Intelligence, and that the solicitations for money are a distraction from the organisation’s goals in collecting foreign intelligence and burning the NSA’s toolsets and capability. Previous attempts to sell exploits have been characterised as clumsy and poorly thought out. Moreover, some “creative” acronym analysis seems to support the Russian intelligence theory.
Hillary Clinton has come out firing, dissecting the role that disinformation had in her defeat during the 2016 presidential election. She pins the blame squarely on a number of Russian agents using cutting edge analytics, marketing and machine learning to algorithmically generate fake news and influence voters through social media. More importantly, it’s likely only the beginning of an information war that’ll characterise elections to come, and an issue that will continue to dog Facebook.
In response to the recent attack in London, British Prime Minister Theresa May has come out strongly against the inaction that internet companies have demonstrated on the issue of extremist communications, stating that there is ‘far too much tolerance of extremism in our country’. The PM also suggested that Britain’s counterterrorism strategy needs to be reviewed to increase the powers of police and security services. Similar comments have come from Malcolm Turnbull, who has called out social media messaging companies as not doing enough to provide security agencies with access to encrypted communications.
A defamation case in Switzerland also demonstrates the increasing scrutiny social media is facing. In what seems to be a world first, a Zurich man who ‘liked’ defamatory social media posts has been fined 4,000 Swiss Francs (USD$4,100). The man liked a post that (falsely) accused a third party of antisemitism, racism, and fascism—the trifecta! It’s unclear whether the charges will stick through the appeals process. However, in the meantime, avid Tweeters who rely on the disclaimer ‘retweet doesn’t equal endorsement’ might want to be more cautious.
Sydney-based ticketing start-up Qnect has been grappling with a perplexing security incident this week, with hackers directly SMSing individual Qnect users with a warning that their personal data (e-mails, credit card information) has been stolen and will be released online unless a ransom is paid. It’s likely that the names, e-mails and phone numbers were gathered by exploiting an autocomplete function that tends to overshare. As a result, the founders are reassuring customers that financial data hasn’t been exposed and that the threats are just a bluff.
Lastly, for those readers playing ASPI Bingo, you can mark ‘cybersecurity’ and ‘submarines’ off your sheet: the British and American Security Information Council has released a report finding that Vanguard-class ballistic missile submarines (the ones armed with world-ending nukes) remain vulnerable to catastrophic cyber attack.